package com.lz.ssm.controller;

import com.lz.ssm.domain.Employee;
import com.lz.ssm.qo.JsonResult;
import com.lz.ssm.service.IEmployeeService;
import com.lz.ssm.service.IPermissionService;
import com.lz.ssm.util.UserContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;
import java.util.List;

@Controller
public class LoginController {
    @Autowired
    private IEmployeeService employeeService;
    @Autowired
    private IPermissionService permissionService;

    @RequestMapping("/loginin")
    @ResponseBody
    public JsonResult login(String username, String password, HttpSession session) {
        try {
            Employee employee = employeeService.login(username, password);
            // 把员工放到session中
            //session.setAttribute("EMPLOYEE_IN_SESSION", employee);
            UserContext.setCurrentEmployee(employee);
            if (!employee.isAdmin()) {
                //若不是管理员，就需要查询权限信息
                List<String> expressions = permissionService.queryByEmployeeId(employee.getId());
                //session.setAttribute("EXPRESSIONS_IN_SESSION", expressions);
                UserContext.setCurrentPermission(expressions);
            }
            return new JsonResult(true, "登录成功");
        } catch (Exception e) {
            e.printStackTrace();
            return new JsonResult(false, e.getMessage());
        }
    }
}
